A press release issued today from the U.S. Attorney’s Office, District of Columbia: WASHINGTON – Alexander Pakhtusov is charged in United States District Court for the District of Columbia in case number 19-cr-310. Mr. Pakhtusov was a seller on both Slilpp and Paysell (now called Blackpass) using the moniker “Mrtikov.” His overall involvement spanned from…
At some point, SNAtch Team stopped being the Snatch ransomware gang. Were journalists the last to know?
In December 2019, Sophos published an analysis of Snatch ransomware. In June 2020, DFIR Report provided a case study, and in July 2020, LIFARS wrote an article about Snatch ransomware having been detected in attacks in June. Since then, the Snatch leak site has continued to add victims and the media (including DataBreaches) has continued to…
Education Sector Heavily Targeted as the School Year Begins
A threat highlight from the New Jersey Cybersecurity & Communications Integration Cell (NJCCIC): Summary: As the 2023 school year begins, threat actors are poised to launch various types of cyberattacks ranging from direct deposit scams to ransomware. The education sector is often targeted during holiday breaks. Threat actors take advantage of this pastime when staff is away or just…
Norman Public Schools tells media, families it will strive to communicate better
Well, it seems one school district has seen the light and will try to be more transparent and timely in the event of security incidents. Norman Public Schools in Oklahoma experienced a ransomware attack in November 2022. At the time, DataBreaches was revealing more details about the breach by the Hive ransomware gang and the…
ZA: Enforcement Notice Issued To Dis-Chem For Violating POPIA
Gugu Lourie reports: On the 31st of August 2023, the Information Regulator took action by issuing an Enforcement Notice against Dis-Chem, due to their non-compliance with several provisions of the Protection of Personal Information Act (POPIA). In the timeline of events, it was revealed that during the months of April and May in 2022, a…
LogicMonitor customers who didn’t change default passwords were hit by hackers
Lorenzo Franceschi-Bicchierai reports: Some customers of the network security company LogicMonitor have been hacked due to the use of default passwords, TechCrunch has learned. The incident is due to the fact that, until recently, LogicMonitor was assigning customers default — and weak — passwords such as “Welcome@” plus a short number, according to a source…